Scope

System Computing Services provides:

  • Threat and vulnerability scanning in the client’s environment
  • Creation and administration of accounts for vulnerability scanning systems  
  • Creation and distribution of reports
  • Recommendations and guidance in remediating issues
  • Guidance and support in identifying compensating controls
  • Regular threat intelligence reports and notifications of critical vulnerabilities from reputable organizations such as federal, state, and local agencies; contracted vendors; and law enforcement
  • Ad-hoc and post-remediation vulnerability scanning
  • Support for incident response including engagement with 3rd party vendors
  • Support institutions with internal and external audits

Client Responsibilities

  • Patch and remediate critical and high severity threats and vulnerabilities identified by reporting
  • Plan and implement compensating controls for systems that cannot be patched or updated
  • Adhere to current industry standards for patch management, updates, and upgrades
  • Respond to SCS requests for essential service information, including authorized points of contact
  • Inform SCS of institutional changes, such as staffing or other events, that might impact NSHE IT Security